PHP Remote File Inclusion Vulnerability in Cloud Infrastructure Services - Cloud SAML SSO
CVE-2025-49264
7.5HIGH
Key Information:
- Vendor
WordPress
- Vendor
- CVE Published:
- 14 August 2025
What is CVE-2025-49264?
A vulnerability exists in Cloud SAML SSO - Single Sign On Login that allows for the improper control of filenames used in PHP include/require statements. This issue can lead to PHP Local File Inclusion, potentially allowing malicious users to execute arbitrary code by including local files. Users of versions from n/a to 1.0.18 should take immediate action to secure their installations against this flaw.
Affected Version(s)
Cloud SAML SSO - Single Sign On Login 0 <= 1.0.18